Azure WAF does not play nicely with Web Apps

Recently I’ve been working on a Sitecore site that is using Azure App Gateway, and it is using the Web Application Firewall (WAF) features of that too. Broadly, I’ve been quite impressed, but I did come across a few problems.

OWASP publish a set of rules used in ModSecurity to try to identify anomalous traffic. These rules then total into a score of “how anomalous this request is”. Finally, there is one rule that checks that score, and potentially blocks traffic based on it.

We found we were getting traffic blocked. Here’s what we found.

Continue reading “Azure WAF does not play nicely with Web Apps”
Advertisement
Azure WAF does not play nicely with Web Apps

Sitecore TDS – Could not find assembly Sitecore.Data.Resourceitems.Protobufnet.dll

So I am working on a Sitecore 10.1.2 project, and we’re using TDS 6.0.0.36. When I tried building the update package I got the error:

GENERATEPACKAGE : error : Could not find assembly sitecore.data.resourceitems.protobufnet.dll
GENERATEPACKAGE : error : Could not find assembly sitecore.data.resourceitems.abstractions.dll
C:\git\Blah\packages\HedgehogDevelopment.TDS.6.0.0.36\build\HedgehogDevelopment.TDS.targets(186,5): error : The package builder failed. Please set the build logging level to Normal or Detailed and see the build output log for more information on the failure.

This was odd, as Sitecore 10.1.2 does not contain either of those assemblies. But they did look familiar. After a bit of digging, I found them… in Sitecore 10.2. But I’m not using Sitecore 10.2… but that’s what it’s looking for.

Continue reading “Sitecore TDS – Could not find assembly Sitecore.Data.Resourceitems.Protobufnet.dll”
Sitecore TDS – Could not find assembly Sitecore.Data.Resourceitems.Protobufnet.dll

Setting Application Insights connection string for Client JavaScript

So, if you’re using Application Insights, you may choose to use the client-side JavaScript API. This is a snippet that will allow you to use Application Insights in JavaScript – and conventiently it records lots useful error, dependency and trace data, allow with PageView data. It’s pretty nifty, and also supports filters and telemetry enrichment.

In that snippet, you’ll find lots of mention of a configuration setting “instrumentation key”. This is the ID of the app insights instance that your data will be sent to.

The thing is, it has been deprecated in favour of “connection string”. This is the same connection string as you use server-side (as described previously), and can be read from:

string aiConnection = TelemetryConfiguration.Active?.ConnectionString;

You should do this and render the connection string rather than hard-code it into your layout page.

Setting Application Insights connection string for Client JavaScript

Configuring Hard-to-reach settings in Sitecore Containers

I’ve had a problem with some Containers I’m configuring – how do I set machine/environment specific settings in those containers? I can’t just patch them in with Sitecore patches – the files in the image are supposed to be immutable.

I could use Environment Variables (which is what the Sitecore container images do for App Settings and Connection Strings), and the $(env:variablename) syntax gives a way of doing that – but it could mean editing a lot of places.

Well, there’s a better way, and Vitalii Tylyk describes a nice way to do this – Sitecore environment variables config builder.

That’s pretty nifty, but I wonder if it could be adjusted to set cache sizes too…

Configuring Hard-to-reach settings in Sitecore Containers

Setting your Application Insights Connection String

If you’re adding Application Insights to your solution, you will need to specify a connection string. Usually, this is at the bottom of your applicationinsights.config file:

A nifty alternative is you can specify this connection as an Environment Variable – and App Insights will pick that up and use it…

Continue reading “Setting your Application Insights Connection String”
Setting your Application Insights Connection String

Debugging – Why my Content Editor was so slow

A customer reported to me that their content editor would freeze for 5 minutes if you clicked the root node of their site in Content Editor. I was surprised – bit when I went and did so, it froze for 5 minutes.

Now, this was on a newly upgraded and replatformed system, so I when and tried their existing system – and had the same result. The first click on the root node would take 5 minutes to load. So, it wasn’t our upgrade – but that I could study more easily. As it was the first click only, I figured caching was involved – but what gives? How do I find out what’s going on?

Continue reading “Debugging – Why my Content Editor was so slow”
Debugging – Why my Content Editor was so slow

Sitecore making requests to cts.cloud.sitecore.net

So, in my recent work on Application Insights I noticed that I was seeing quite a lot of failed outbound requests to cts.cloud.sitecore.net .

I know that Sitecore “phones home”, and I suspect that this is being blocked by our firewall (and this is why it is being logged as a failed dependency). However, I couldn’t fine out any information about cts.cloud.sitecore.net, or what information is being send.

Well, I raised this with Sitecore support; it is Sitecore’s “Consumption Tracking” service, and they gave some links:

They also mentioned that you can get a “no-track” license, but we’d have to contact our account manager.

Therefore, I see 3 options:

  1. Get a no-track license.
  2. Reconfigure the firewall.
  3. Filter out the failed dependency so it doesn’t keep logging to App Insights (and then pretend it isn’t there).

I prefer option 2 – letting the traffic out, personally.

Sitecore making requests to cts.cloud.sitecore.net

Filtering App Insights Server-side Trace messages

Previously I posted about using a Log4Net Appender to record Sitecore logs to Application Insights. That code will write Trace Messages to App Insights. I’m already filtering the messages to WARN or above using standard Log4Net <filter>s – but what if I need to filter more particular messages. Well, I wrote a telemetry processor to do this, just like Requests and Dependencies.

Continue reading “Filtering App Insights Server-side Trace messages”
Filtering App Insights Server-side Trace messages